Information security analyst jobs in Rochester, MN - 324 jobs

Empowered to live. Inspired to work. Compeer Financial is a member-owned cooperative located in Illinois, Minnesota and Wisconsin. We bring together team members with a variety of backgrounds and experiences to help provide financial services to support agriculture and rural communities. Join us in a culture that not only promotes meaningful work and professional development, but provides a flexible, hybrid work environment and excellent benefits, which empower you to thrive both personally and professionally. How we support you: Hybrid model - up to 50% work from home Flexible schedules including ample flexibility in the summer months Up to 9% towards 401k (3% fixed Compeer contribution plus up to 6% match) Benefits: medical, dental, vision, HSA/FSA, life & AD&D insurance, short-term and long-term disability, wellness program & EAP Vacation, sick leave, holidays/floating holidays, parental leave, and volunteer paid time off Learning and development programs Mentorship programs Cross-functional committee opportunities (i.e. Inclusion Council, emerging professional groups, etc.) Professional membership/certification reimbursement and more! Casual/seasonal & intern team members are not eligible for benefits except for state-mandated programs. To learn more about Compeer Financial visit************************ Where you will work: This position offers a hybrid work option up to 50% remote and is based out of any of Compeer's office locations. The contributions you will make: This position creates, implements and maintains corporate-wide security programs that assist in improving overall security posture of the organization. Provides guidance, assurance and information protection to maintain the confidentiality, integrity, and availability of Compeer critical resources. Contributes knowledge and expertise to ensure that information assets are protected and secure. In this position, you will guide solutions to promote secure business-to-business initiatives, third-part relationships, outsourced solutions and vendors. Provides mentorship and guidance to less experienced team members. A typical day: Remains current with new security threats and assess systems and solutions to ensure they can defend the business. Researches capabilities of current and new disruptive solutions on the market and makes recommendations to security group on a consistent basis. Develops security team standards, policies, procedures and processes. Support and provide direction for use of technical systems, monitors for unusual and suspicious activity across a wide range of products, data centers, and cloud systems. Partners with Business Technology on security configuration standards for systems and business applications. Participates in technical and non-technical projects requiring information security oversight and to ensure policies and procedures are met. Provides cybersecurity guidance to leadership. Ensures that cybersecurity-enabled products or other compensating security control technologies or processes reduce identified risk to an acceptable level. Performs security reviews, identifies gaps in security architecture, and develops a security risk management plan. Implements security measures to resolve vulnerabilities, mitigate risks, and recommend security changes to system or system components as needed. Analyzes and reports system security posture trends. Analyzes cyber defense policies and configurations and evaluates compliance with regulations and organizational directives. Prepares audit reports that identify technical and procedural findings and provide recommended remediation strategies/solutions. Leads the Incident Response Team during activations for security or operational events. Coordinates, leads and conducts adversary simulation, hunt teaming, assumed breaches and whitebox penetration tests. Develops and executes attack plans, scripts, tools and methodologies to strengthen the offensive operations. Plans and coordinates the delivery of classroom techniques and formats (e.g., lectures, demonstrations, interactive exercises, and multimedia presentations) for the most effective learning environment. The skills and experience we prefer you have: Bachelor's degree in security management, cybersecurity, computer science, management information systems, or business with technical training in networking, technical support or security or an equivalent combination of education and experience sufficient to perform the essential functions of the job. Expert-level experience in physical asset security, information technology, risk management, security services, or infrastructure technology. CISSP certification preferred. Ability to adapt and stay a step ahead of cyber attackers and stay up to date on the latest attack methods. Expert experience driving measurable improvement in monitoring and response capabilities at scale. Expert ability to identify and resolve problems, utilizing strong analytical skills. Advanced experience in cloud computing technologies, including software, infrastructure and platform-as-a-service, as well as public, private and hybrid environments. Expert knowledge of traditional security controls and technologies, such as Security Information and Event Management (SIEM) systems, intrusion detection/prevention systems (IDS/IPS), public key infrastructure (PKI), identity and access management (IDAM) systems, antivirus and firewalls, in addition to endpoint detection and response (EDR), threat intelligence platforms, data loss prevention (DLP), security automation and orchestration, deception technologies, application controls, and other network and system monitoring tools. Experience with purple teaming (red and blue) to train, identify and remediate issues cohesively. Advanced experience with Amazon Web Services (AWS) or Microsoft Azure. Expert experience conducting risk analysis to protect the business and adhere with compliance requirements and privacy laws. Expert experience with vulnerability and penetration testing engagements. Advanced knowledge of network security architecture concepts including topology, protocols, components, and principles (e.g., application of defense-in-depth). Expert knowledge of what constitutes a network attack and a network attack's relationship to both threats and vulnerabilities. Knowledge of multiple cognitive domains and tools and methods applicable for learning in each domain. Knowledge of media production, communication, and dissemination techniques and methods, including alternative ways to inform via written, oral, and visual media. Knowledge of training and education principles and methods for curriculum design, teaching and instruction for individuals and groups, and the measurement of training and education effects. How we will take care of you: Our job titles may span more than one career level (associate, senior, principal, etc.). The actual title and base pay offered is dependent upon many factors, such as: training, transferable skills, work experience, business needs and market demands. The base pay range is subject to change and may be modified in the future. This role is eligible for variable compensation and other benefits. Base Pay$103,100-$156,400 USD Compeer Financial is an equal opportunity employer and all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, disability status, protected veteran status, or any other characteristic protected by law. Must be authorized to work for any employer in the United States. Compeer is unable to sponsor or take over sponsorship of an employment visa at this time. Click here to view federal employment laws applicable for applicants.

Overview We are seeking a Microsoft Purview & O365 Security Engineer to support the rollout and enablement of Microsoft Purview and related security and compliance controls within the Microsoft 365 E5 environment. This role will act as the subject matter expert for Purview on a team with no existing Purview experience, helping to define guardrails, enable controls, and establish a roadmap for secure adoption. The product team is rolling out the platform, the team owns enablement, and this role will partner closely with multiple groups to assess the current state, identify gaps, and define where the organization needs to go. Key Responsibilities * Lead the assessment, configuration, and enablement of *Microsoft Purview* across the O365 environment * Implement and advise on *DLP classification and labeling*, including *auto-labeling capabilities available with E5 licensing* * *Support and configure Purview data protection and compliance features*, including chat and prompt protections * Guide *O365 security controls*, guardrails, and best practices to ensure secure platform adoption * Partner with the team and other stakeholders to: * Assess what security and compliance controls are currently in place * Identify gaps and risks * Define a clear *security and compliance roadmap* * Serve as a hands-on Purview SME and help *educate and upskill the broader team* on Purview capabilities * Support *Windows Defender / Microsoft Defender* integrations and security posture improvements * Contribute from an *insider risk and digital forensics* perspective, where applicable * Conduct research and analysis to support security design decisions and future-state planning * Provide visibility and insight using tools such as *Splunk* (experience preferred) Required Skills * Microsoft Purview * Windows Defender / Microsoft Defender * Data Loss Prevention (DLP) * Office 365 / Microsoft 365 * E5 licensing and capabilities Preferred / Nice-to-Have Skills * Splunk * Insider Risk Management * Digital Forensics * General security * Compliance frameworks knowledge (e.g., NIST) * Experience working in environments with limited existing Purview maturity Qualifications * Hands-on experience securing O365 environments using Microsoft security and compliance tools * Strong understanding of DLP, sensitivity labeling, and data protection strategies * Ability to work independently, "hit the ground running," and take ownership of a new platform * Comfortable partnering across product, enablement, and security teams * Strong communication skills with the ability to explain technical controls to non-experts *Job Type & Location*This is a Contract position based out of Milwaukee, WI. *Pay and Benefits*The pay range for this position is $40.00 - $55.00/hr. Eligibility requirements apply to some benefits and may depend on your job classification and length of employment. Benefits are subject to change and may be subject to specific elections, plan, or program terms. If eligible, the benefits available for this temporary role may include the following: * Medical, dental & vision * Critical Illness, Accident, and Hospital * 401(k) Retirement Plan - Pre-tax and Roth post-tax contributions available * Life Insurance (Voluntary Life & AD&D for the employee and dependents) * Short and long-term disability * Health Spending Account (HSA) * Transportation benefits * Employee Assistance Program * Time Off/Leave (PTO, Vacation or Sick Leave) *Workplace Type*This is a hybrid position in Milwaukee,WI. *Application Deadline*This position is anticipated to close on Jan 20, 2026. h4>About TEKsystems: We're partners in transformation. We help clients activate ideas and solutions to take advantage of a new world of opportunity. We are a team of 80,000 strong, working with over 6,000 clients, including 80% of the Fortune 500, across North America, Europe and Asia. As an industry leader in Full-Stack Technology Services, Talent Services, and real-world application, we work with progressive leaders to drive change. That's the power of true partnership. TEKsystems is an Allegis Group company. The company is an equal opportunity employer and will consider all applications without regards to race, sex, age, color, religion, national origin, veteran status, disability, sexual orientation, gender identity, genetic information or any characteristic protected by law. About TEKsystems and TEKsystems Global Services We're a leading provider of business and technology services. We accelerate business transformation for our customers. Our expertise in strategy, design, execution and operations unlocks business value through a range of solutions. We're a team of 80,000 strong, working with over 6,000 customers, including 80% of the Fortune 500 across North America, Europe and Asia, who partner with us for our scale, full-stack capabilities and speed. We're strategic thinkers, hands-on collaborators, helping customers capitalize on change and master the momentum of technology. We're building tomorrow by delivering business outcomes and making positive impacts in our global communities. TEKsystems and TEKsystems Global Services are Allegis Group companies. Learn more at TEKsystems.com. The company is an equal opportunity employer and will consider all applications without regard to race, sex, age, color, religion, national origin, veteran status, disability, sexual orientation, gender identity, genetic information or any characteristic protected by law.

Optum is a global organization that delivers care, aided by technology to help millions of people live healthier lives. The work you do with our team will directly improve health outcomes by connecting people with the care, pharmacy benefits, data and resources they need to feel their best. Here, you will find a culture guided by inclusion, talented peers, comprehensive benefits and career development opportunities. Come make an impact on the communities we serve as you help us advance health optimization on a global scale. Join us to start Caring. Connecting. Growing together. The GenAI Security Program is dedicated to safeguarding data, mitigating risks, and promoting responsible AI usage across the enterprise. Our mission is to empower innovation through Generative AI while maintaining the highest standards of security, privacy, compliance, and ethical conduct. We ensure the secure deployment of Generative AI technologies by aligning with established security policies, regulatory requirements, and industry best practices. The program provides governance, oversight, and technical controls to support safe and effective AI adoption throughout the organization. To ensure the security and integrity of our company's data, employees must use only company-approved internet AI tools/service/models for evaluation or testing. Primary Responsibilities: Process secure access requests and ServiceNow tickets with accuracy and adherence to SLAs Host regular office hours to assist internal customers and respond to general inquiries Maintain, update, and organize documentation to ensure consistency and compliance with internal standards Create and manage change requests, ensuring correct configuration details, especially for proxy-related changes Meet with customers to clearly communicate program policies, processes, and expectations Coordinate with technical teams to ensure seamless execution of change requests and incident resolutions Maintain awareness of access management and security governance requirements Ensure change requests are properly categorized and documented for audit readiness Security Analyst Foundation Proven experience in cybersecurity, including threat detection, incident response, and vulnerability management Familiarity with frameworks like NIST AI RMF, OWASP AI Security, and MITRE ATLAS Certifications such as CISSP, CISA, or the new ISC2 Cybersecurity AI Certificate are highly recommended AI & Machine Learning Expertise Understanding of supervised, unsupervised, and reinforcement learning models Experience with tools like TensorFlow, PyTorch, HuggingFace Transformers, and scikit-learn Ability to assess AI model risks, bias, and explainability (XAI) AI Security Specialization Knowledge of adversarial AI threats, model inversion, data poisoning, and secure model lifecycle management Familiarity with AI-specific security tools and workflows (e.g., AI UEBA, threat triage bots, Graph API consent automation) Experience in red teaming and vulnerability testing for AI systems Fast Learning & Adaptability Ability to stay current with emerging threats and evolving AI technologies Participation in ongoing training programs like the ESRO AI Security curriculum and AI persona development tracks Communication & Collaboration Solid written and verbal communication skills to articulate risks, mitigation strategies, and technical concepts to diverse stakeholders Experience contributing to governance frameworks, OKRs, and cross-functional working sessions You'll be rewarded and recognized for your performance in an environment that will challenge you and give you clear direction on what it takes to succeed in your role as well as provide development for other roles you may be interested in. Required Qualifications: 3+ years of experience delivering statistical models, machine learning (ML), or artificial intelligence (AI) solutions in a large organization 3+ years of real-world data science experience in or supporting a large organization 3+ years of real-world data engineering experience Experience with Generative AI (GenAI) Knowledge of adversarial AI threats, including model inversion, data poisoning, and secure model lifecycle management Familiarity with frameworks such as NIST AI Risk Management Framework (RMF), OWASP AI Security, or MITRE ATLAS Fluency in Python and SQL Proven ability to stay current with emerging threats and evolving AI technologies Preferred Qualifications: Experience in the cybersecurity domain, ideally as a Security Operations Center (SOC) analyst Customer-facing experience Broad knowledge of information technology, including hardware, networking, architecture, protocols, file systems, and operating systems Proficiency in data querying and reporting Proven solid written and verbal communication skills to clearly articulate risks, mitigation strategies, and technical concepts to diverse stakeholders Pay is based on several factors including but not limited to local labor markets, education, work experience, certifications, etc. In addition to your salary, we offer benefits such as, a comprehensive benefits package, incentive and recognition programs, equity stock purchase and 401k contribution (all benefits are subject to eligibility requirements). No matter where or when you begin a career with us, you'll find a far-reaching choice of benefits and incentives. The salary for this role will range from $71,200 to $127,200 annually based on full-time employment. We comply with all minimum wage laws as applicable. At UnitedHealth Group, our mission is to help people live healthier lives and make the health system work better for everyone. We believe everyone-of every race, gender, sexuality, age, location and income-deserves the opportunity to live their healthiest life. Today, however, there are still far too many barriers to good health which are disproportionately experienced by people of color, historically marginalized groups and those with lower incomes. We are committed to mitigating our impact on the environment and enabling and delivering equitable care that addresses health disparities and improves health outcomes - an enterprise priority reflected in our mission. UnitedHealth Group is an Equal Employment Opportunity employer under applicable law and qualified applicants will receive consideration for employment without regard to race, national origin, religion, age, color, sex, sexual orientation, gender identity, disability, or protected veteran status, or any other characteristic protected by local, state, or federal laws, rules, or regulations. UnitedHealth Group is a drug-free workplace. Candidates are required to pass a drug test before beginning employment.

At TruStage, we're on a mission to make a brighter financial future accessible to everyone. We put people first, and work hand in hand with employees and customers to create a diverse and inclusive environment. Passionate about building insurance and financial services solutions, we push the boundaries of what's possible. We need you to help us shape what's next. You'll be encouraged to share your experiences, ideas and skills to help others take control of their financial future. Join a team that has received numerous awards for being a top place to work: TruStage awards and recognition Job Summary Under the guidance of Information Security leadership, the Information Security Analyst supports TruStage's cybersecurity program by delivering integrated threat intelligence and digital forensic services. This hands-on role is responsible for reviewing and analyzing incoming threat intelligence to assess risk and potential impact to the organization, applying best practices to inform proactive defense strategies. The analyst plays a critical role in the incident response lifecycle by investigating escalated threats-such as malware infections, phishing attempts, or unauthorized access-through structured processes that include detection, containment, eradication, recovery, and root cause analysis. Responsibilities also include conducting forensic investigations, performing advanced data collections, and executing eDiscovery requests. The analyst may be called upon to support investigations led by Legal, Human Resources, or other internal stakeholders, ensuring evidence integrity and alignment with regulatory and organizational standards. The ideal candidate will have experience using tools such as Magnet Forensics Axiom Cyber, Splunk, Microsoft Defender, and the MITRE ATT&CK framework to detect, investigate, and respond to complex security incidents. This role requires a strong analytical mindset, attention to detail, and the ability to work collaboratively across teams to enhance the organization's security posture. Excellent verbal and written communication skills are essential, as the analyst will be expected to clearly document findings, articulate technical concepts to non-technical stakeholders, and contribute to incident reports, threat briefings, and cross-functional discussions. Job Responsibilities: Support Information Security Leadership regarding all aspects of the information security program, with minimal supervision. Responsibilities include facilitating the identification of risks throughout the organization, developing, reporting and monitoring formats on risk management issues and developing methodologies for the assessment of risks throughout the organization. Continuously monitor the internal and external landscape for relevant events, risks, and threats related to malicious code, vulnerabilities, and potential attacks. Coordinate and ensure cybersecurity related alerts and incidents are prioritized and responded to at all hours of the day. Remain current with emerging threats and share knowledge with colleagues to improve incident response processes. Participate in the creation and execution of tabletop exercises designed to identify gaps, improve skills, enhance communication and engage with key stakeholders. Review reports from tabletop exercises, vulnerability scans and penetration testing to identify weaknesses or gaps in existing security controls and provide recommendations where appropriate. Lead coordination, consultation, and assessment efforts to track and remediate events and alerts, directs response to related incidents, internal or external audits, and / or control assessments. Identify, report, and assist in resolving privacy, compliance or security violations and control gaps. Lead feedback with other IT teams to protect data from compliance, privacy or security compromise. Contribute to the strategic direction of the Information Security team to develop new capabilities, process efficiencies and goals. Participate in the development, review, ongoing maintenance and development of security policies, standards, processes, procedures and requirements to facilitate the establishment of common administrative controls for the delivery of security capabilities. Security Awareness: Develop content for organization wide and targeted security awareness training. Present relevant information security topics through a variety of forums depending on the audience. The above statement of duties is not intended to be all inclusive and other duties will be assigned from time to time. The above statement of duties is not intended to be all inclusive and other duties will be assigned from time to time. Job Requirements: Bachelor's degree in computer science, information systems or related field, or equivalent combination of education and/or related professional work experience. 5 or more years of demonstrated proficiency with an information security audit, assessment, engineering or architecture focus or comparable, professional experience. Proven ability to clearly and effectively communicate business and technical information, both verbally and in writing. Aptitude for speaking or communicating to varied groups of business and technical professionals. Experience in presenting technical material to a nontechnical audience and to senior management. Established skills and experience in the development of security policies, standards or other governance practices. Demonstrated relationship management and consulting skills, including ability to effectively influence and negotiate. Proven ability to provide high quality customer service. Financial Services industry experience strongly preferred. Experience with law enforcement preferred Experience with forensics preferred #LI-SW If you're ready to help make a difference, apply today. A resume is required to apply. TruStage may process applicant information using an Artificial Intelligence (AI) tool. This tool automatically generates a screening score based on how well applicant information matches the requirements and qualifications for the position. TruStage recruiters use the screening score as a guide to further evaluate candidates; the score is one component of an application review and does not automatically determine whether a candidate moves forward. Candidates may choose to opt out of this process. Compensation may vary based on the job level, your geographic work location, position incentive plan and exemption status. Base Salary Range: $97,800.00 - $146,800.00 At TruStage, we believe a sound, inclusive benefits program is of vital importance, along with a flexible workplace that allows for work-life balance, career growth and retirement assistance. In addition to your base pay, your position may be eligible for an annual incentive (bonus) plan. Additional benefits available to eligible employees include medical, dental, vision, employee assistance program, life insurance, disability plans, parental leave, paid time off, 401k, and tuition reimbursement, just to name a few. Beyond pay and benefits, we also recognize that flexibility, including working in a place you prefer, is essential to caring for our employees. We will continue to strive to offer flexibility and invest in technology and other tools that will make hybrid working normal rather than an exception, so that when “life happens,” you can focus on what's most important. Accommodation request TruStage is a place where everyone can bring their best self and thrive. If you need application or interview process accommodations, please contact the accessibility department.

The Information Security Analyst Identifies security risks and exposures, determine the causes of security violations, and configuring systems to optimize notification of future incidents. The Security Analyst Integrates appropriate systems and logs into the enterprise security incident and event management system to effectively monitor and detect various people and enterprise asset activity. The Information Security Analyst works under the direction of the Information Security Director on the IT Security Operations Team. This is a hybrid job, must be located in Saint Paul MN Responsibilities • Investigates and analyzes security events to evaluate risk, prioritizing findings based on internal and external information. • Configures and maintains SIEM platform, including areas such as source feeds, alerts, alarms, and API integrations. • Configures and maintains EDR/antivirus. • Configures and maintains vulnerability management platform, including areas such as vulnerability scanning, remediation, and mitigation as well as impact and risk analysis. • Communicates security concerns to the business stakeholders to collectively develop and execute an appropriate remediation/mitigation plan. • Interacts with security risk and compliance group, adjacent IT departments, and business units as needed to ensure compliance with IT Security goals and policies. • When needed, assists in administration of other security tools (Data Loss Prevention, Email Security/Spam Filter, End User Training, Mobile Device Management). • Maintains up-to-date knowledge of the IT security industry including awareness of new or revised security solutions, improved security processes and evolving attacks and threat vectors. General Job Responsibilities: • Ability to work in a team environment and independently as required • Contributes to project planning and scheduling. • Normally receives minimal instructions on routine work and detailed instructions on new assignments. • Participate in Architecture design reviews and other technical governance forums across the organization representing the security team across multiple projects. • Be on call and available after business hours, would require working Holidays and weekends if major security incident occurs. • Establish and maintain pertinent policies, standards, and procedures • Perform duties in compliance with applicable regulations and standards such as Sarbanes Oxley Act, FDA Quality System, and ISO (International Organization for Standardization) Works on routine assignments per written procedures, where ability to recognize deviation from accepted practice is required. • Contributes to the overall operations and to the achievement of departmental goals • Perform job specific tasks in compliance with applicable Regulations, International Standards, and WuXi AppTec Policies and Standard Operating Procedures. • Understanding of Good Laboratory Practices and Good Manufacturing Practices • Other duties as assigned Qualifications • Degree in Cyber Security, Management Information Systems, Information Security or equivalent work experience o Minimum 2 years prior experience in a Cyber Security • In depth knowledge of LogRhythm SIEM platform or other SIEM platforms, which includes configuring and maintaining API integrations and source feeds, alerts and alarms • In depth knowledge in Qualys Vulnerability Management System, which includes configuring and maintaining • In depth knowledge in Cisco AMP Anti-Virus software, which includes configuring and maintaining • Knowledge of ISO/IEC 27001 standards. • Strong technical acumen with a solid understanding of security technologies and network architecture • Strong verbal and written communication skills • Independent driver of self-development and continuous learning • Knowledge of information security technology, design, research techniques, administration, operating standards, and quality control methods. • Basic understanding of LAN/WAN technologies and protocols, FTP, Active Directory, VPN technologies (MPLS, IPSEC, etc.), IIS and other network services. • Experience in a large, formal vulnerability program. • General knowledge of cloud, wireless network and mobile security. • Team-oriented and skilled in working within a collaborative environment. An Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, or protected veteran status and will not be discriminated against on the basis of disability This job description does not state or imply that the above are the only duties and responsibilities assigned to this position. Employees holding this position will be required to perform any other job-related duties as requested by Management.

Established in 1991, Collabera has been a leader in IT staffing for over 22 years and is one of the largest diversity IT staffing firms in the industry. As a half a billion dollar IT company, with more than 9,000 professionals across 30+ offices, Collabera offers comprehensive, cost-effective IT staffing & IT Services. We provide services to Fortune 500 and mid-size companies to meet their talent needs with high quality IT resources through Staff Augmentation, Global Talent Management, Value Added Services through CLASS (Competency Leveraged Advanced Staffing & Solutions) Permanent Placement Services and Vendor Management Programs. Job Description Position Details: Job Title - Information Security Analyst Duration - 3 Months (with a possibility of an extension) Location - Eagan , MN - 55123 Qualifications Primary Objective Perform in the delivery and development of processes and services which support best practices in information security and risk management for Client enterprise. Knowledge, Skills & Behaviors • 2+ years related information security risk management experience • 3+ years related information technology experience • Preferred industry-related certifications: GSEC, CISSP, CISA, CISM, ITIL • Preferred exposure in SOC2, ISO 27000, risk assessment methodologies, Shared Assessments, ITIL practices, and GRC • Demonstrate results in planning and delivering complex projects on time • Maintain focus and manage multiple efforts concurrently • Perform independently to expectations while being collaborative and maintaining alignment with the team • Work effectively with all levels of the organization including subject matter experts, stakeholders, and leadership • Strong written and verbal communication skills to include executive audiences • Apply tactical and strategic methods appropriately • Effective negotiation and influence • Focused on supporting the customer, the team, and the business • Strong collaboration and problem-solving skills Major Areas of Accountability • Operate as a key contributor to the Vendor Risk Management processes. • Interface with subject matter experts, peers and stakeholders; and business or technology leaders across the Client enterprise. • Demonstrate subject matter expertise on information security best practices and Client security posture focused on performing due diligence for vendor assurance inquiries and attestations. • Assist in initiatives to evaluate and provide input on the effectiveness of processes and solutions, and to determine or support a course of action. Track and report on mitigation progress. • Contribute to the strategic and tactical development of information security, risk management and compliance initiatives, to include policy and standards development, solution development, security awareness and training, and other information security initiatives as assigned. • Track, verify and collect data points for reporting and metrics on identified services to identify gaps and inform leadership. • Serve as a subject matter expert in information technology operations, information security and risk management practices, global legal and regulatory requirements, and other applicable security and privacy trends and practices. • Participate as a member of a team for Vendor Risk Management • Contribute to and achieve business and departmental goals and objectives • Deliver processes and services consistently and accurately • Accept feedback and flex to address tactical needs • Report on status of initiatives to all levels in the organization • Work across the organization to contribute to departmental initiatives and programs Education • Prefer 4 year (Bachelor's) Degree in a technology related field If you are interested please contact NEHA KALIA (Technical Recruiter) at ************ and email an updated copy of your resume (preferably WORD format) to *************************** Additional InformationIf you are interested please contact NEHA KALIA (Technical Recruiter) at ************ and email an updated copy of your resume (preferably WORD format) to ***************************

Job Description This is a hybrid position requiring 3 days in office at our Middleton, WI office location. #LI-Hybrid At CapSpecialty, we are a specialty underwriting company being driven by well-informed, entrepreneurial and proactive employees. Come join our exciting company where you can really make an impact, and each individual's unique skills and talents are recognized and valued. You will find an accessible leadership team that welcomes opinions and ideas. We owe much of our success to our collaborative environment and set of three guiding principles rooted in customer-centricity, employee excellence and corporate culture. We offer competitive compensation and benefits packages - including an innovative open vacation plan, generous paid sick and parental leave, fully vested matching 401k, company-paid group term life insurance and short- & long-term disability plans, professional and educational growth opportunities, flexible and casual work environment, and recognition for exceptional performance. Please see our full list of Total Rewards here. CapSpecialty is seeking an Information Security Analyst who will support our organization's cybersecurity operations. The analyst will assist in monitoring systems, investigating alerts, managing access controls, and supporting compliance efforts. This role includes exposure to Identity & Access Management (“IAM”) and other key areas of information security. Duties/Responsibilities: Conduct investigations into and properly document security incidents, including evaluating incident impact and recommending corrective actions to management. Collate security metrics and generate reports from the security systems as needed. Support managing accounts and permissions in IAM systems, including recommending improvements to identity governance where appropriate. Perform tasks as assigned to meet any audit requests. Help maintain IAM documentation and workflows. Help maintain and promote security policies, procedures, and training materials. Oversee assigned components of the security awareness programs, and track employee participation including following up on training completion. This may include reporting compliance metrics to leadership. Manage the physical security program, providing recommendations for updates as needed. Keep up to date and current on security trends. Other related duties and initiatives, as assigned. Supervisory Responsibilities: None. Core Competencies: Proven ability to deal well with ambiguity, prioritize tasks, resolve issues and deliver measurable results in an agile, fast-paced environment. Excellent oral and written communication skills. Ability to manage difficult customer situations, elicit customer feedback, analyze and resolve customer issues. Excellent analytical, problem solving, collaboration and time-management skills. A high level of integrity and commitment to confidentiality. Must be highly self-motivated requiring minimal direction. Have a passion for Information Security and a desire to advance personal growth through continuing professional education, self-study, and pursuit of technical certifications. Education and Experience: Associate's degree in computer science or equivalent. 1+ years of relevant experience in IT with exposure to cybersecurity practices, technologies, and methodologies is preferred. Basic understanding of security principles, threats, and controls is desirable. Familiarity with IAM concepts and tools (i.e. Active Directory, Okta, Azure AD) is a plus but not required. Familiarity with security controls and technologies desired (i.e. firewall, SIEM, DLP, WAF, and IPS.). Physical Demands Prolonged periods of sitting at a desk and working on a computer. May be required to lift up to 15 pounds at times. CapSpecialty is a leading provider of specialty insurance and bonds for small- to mid-sized businesses in the U.S., offering casualty, professional liability, surety and fidelity products in all 50 states and the District of Columbia. By working with select partners through a limited distribution model, CapSpecialty's creative, hard-working team provides personalized service and cultivates mutually successful partnerships to deliver positive results. CapSpecialty is an operating subsidiary of Berkshire Hathaway, and its carriers have an A ("Excellent") rating from A.M. Best, writing both admitted and non-admitted policies. For more information, please visit CapSpecialty.com. Apply today! Equal Employment Opportunity Employer Powered by ExactHire:184950

The Chief Information Security Officer (CISO) provides strategic leadership for Mayo Clinic's global information security program by balancing the preservation of trust by securing the privacy and security of patients, staff and other third parties with the need for simplification, convenience and frictionless use of technology and digital solutions for end users. Mayo Clinic's CISO is responsible for safeguarding sensitive data and digital assets across all of Mayo Clinic and our related partnerships and affiliations. This executive role champions a proactive, adaptive security posture, leveraging emerging technologies and fostering a culture of shared responsibility for cybersecurity. The CISO works closely with leaders in the Digital Technology Organization (DTO) across Mayo Clinic to ensure security is seamlessly integrated into all technology initiatives. Additionally, the CISO partners with executive and functional leaders to embed security into business processes, digital transformation initiatives and innovation projects, ensuring alignment with Mayo Clinic's mission and values, again in a manner that enables solutions not delays or serves as a barrier. This is an on-site position based in Rochester, MN. Key Responsibilities 1. Enterprise Information Security Leadership Refresh and execute a comprehensive, forward-looking information security strategy that protects Mayo Clinic's data, systems and intellectual property across all operations and geographies. Oversee all elements of Mayo Clinic's enterprise-wide information security program, including policy, strategy, architecture and operations, threat intelligence, incident response, AI and automation, security testing, identity management, ERIS and ERP, ensuring alignment to regulatory requirements and industry standards. Champion adoption of advanced security technologies, such as AI-driven threat detection, zero trust architecture, cloud security and identity management platforms in a manner that supports operations. Continuously assess and adapt the security program to address emerging threats, digital transformation and the needs of a remote and hybrid workforce. 2. Business Alignment & Collaboration Serve as a strategic partner to executive leadership and cross-functional teams, integrating security into business processes, technology initiatives and organizational change efforts. Foster a culture of cybersecurity awareness and shared accountability among employees, patients, partners and vendors. Collaborate with the DTO, internal audit, compliance, risk operations, legal, physical security, systems operations and development teams to coordinate security initiatives and drive enterprise-wide resilience while fostering and maintaining a positive user experience. Engage with external partners, industry groups and regulatory bodies to benchmark practices and ensure Mayo Clinic remains at the forefront of security innovation. 3. Vision, Governance & Risk Management Provide visionary leadership in risk management, governance and performance measurement, utilizing automation, advanced analytics, real-time dashboards and executive reporting. Guide the organization in balancing security, privacy and operational agility, ensuring business alignment and effective governance to safely enable emerging technology Lead the development and monitoring of executive-level metrics, risk analysis, mitigation strategies and reporting mechanisms. Provide executive leadership for enterprise cyber incident and crisis management, ensuring decisive, coordinated response and recovery for security events impacting the organization at any time. Advise senior leadership on security risks, trends and investment priorities, supporting informed decision-making and continuous improvement. Ensure security objectives are continually evaluated and sufficient to address evolving risks and aligned to organizational risk tolerance. 4. Team Leadership & Program Evolution Build, mentor and retain a diverse, high-performing team of information security professionals, promoting continuous learning and professional development. Cultivate a culture of inclusion, innovation and excellence within the security function. Lead the evolution of the information security program, securing executive sponsorship and budget, demonstrating measurable value and driving consensus among functional leaders. Manage relationships with external technology vendors and professional services firms, overseeing evaluation, negotiation and ongoing performance of service agreements. Bachelor's degree in information technology, Health Informatics, Business Administration or related field is required. Master's degree of Science, Business Administration, Health Administration or related field is required. Qualified candidates must be a Certified Information Systems Security Professional (CISSP) with an active certification status. Experience as either a Chief Information Security Officer of an enterprise organization or as a direct report to a Chief Information Security Officer of a large international organization is required. Experience in the attraction, recruitment, hiring, retention and professional development of a diverse team of dedicated information security professionals. Experience in the successful evolution of an information security program. This will include garnering executive support and budget for information security initiatives, building consensus with functional leaders by demonstrating value and measurable results and creating a culture of information security awareness amongst the company's core ecosystem, including patients, employees, partners and vendors, while maintaining efficiency. Experience in the evaluation and implementation of industry standard enterprise-wide information security technologies and concepts, including but not limited to: Data Loss Prevention, Security Information and Event Management, Governance, Risk and Compliance Tools, Threat and Vulnerability Management, Identity and Access Management, Application Security, Cloud Security and Computer Forensics. A demonstrated understanding of the complex and diverse threats that an internationally renowned organization with sensitive data can be exposed to. Experience in managing relationships with external information security technology vendors, and specialized information security professional services firms, including management of the evaluation process of their capabilities, and the eventual negotiation of fair service level agreements and contracts between their company and these entities. Must be eligible to obtain security clearance if necessary.

The Chief Information Security Officer (CISO) provides strategic leadership for Mayo Clinic's global information security program by balancing the preservation of trust by securing the privacy and security of patients, staff and other third parties with the need for simplification, convenience and frictionless use of technology and digital solutions for end users. Mayo Clinic's CISO is responsible for safeguarding sensitive data and digital assets across all of Mayo Clinic and our related partnerships and affiliations. This executive role champions a proactive, adaptive security posture, leveraging emerging technologies and fostering a culture of shared responsibility for cybersecurity. The CISO works closely with leaders in the Digital Technology Organization (DTO) across Mayo Clinic to ensure security is seamlessly integrated into all technology initiatives. Additionally, the CISO partners with executive and functional leaders to embed security into business processes, digital transformation initiatives and innovation projects, ensuring alignment with Mayo Clinic's mission and values, again in a manner that enables solutions not delays or serves as a barrier. This is an on-site position based in Rochester, MN. Key Responsibilities 1. Enterprise Information Security Leadership Refresh and execute a comprehensive, forward-looking information security strategy that protects Mayo Clinic's data, systems and intellectual property across all operations and geographies. Oversee all elements of Mayo Clinic's enterprise-wide information security program, including policy, strategy, architecture and operations, threat intelligence, incident response, AI and automation, security testing, identity management, ERIS and ERP, ensuring alignment to regulatory requirements and industry standards. Champion adoption of advanced security technologies, such as AI-driven threat detection, zero trust architecture, cloud security and identity management platforms in a manner that supports operations. Continuously assess and adapt the security program to address emerging threats, digital transformation and the needs of a remote and hybrid workforce. 2. Business Alignment & Collaboration Serve as a strategic partner to executive leadership and cross-functional teams, integrating security into business processes, technology initiatives and organizational change efforts. Foster a culture of cybersecurity awareness and shared accountability among employees, patients, partners and vendors. Collaborate with the DTO, internal audit, compliance, risk operations, legal, physical security, systems operations and development teams to coordinate security initiatives and drive enterprise-wide resilience while fostering and maintaining a positive user experience. Engage with external partners, industry groups and regulatory bodies to benchmark practices and ensure Mayo Clinic remains at the forefront of security innovation. 3. Vision, Governance & Risk Management Provide visionary leadership in risk management, governance and performance measurement, utilizing automation, advanced analytics, real-time dashboards and executive reporting. Guide the organization in balancing security, privacy and operational agility, ensuring business alignment and effective governance to safely enable emerging technology Lead the development and monitoring of executive-level metrics, risk analysis, mitigation strategies and reporting mechanisms. Provide executive leadership for enterprise cyber incident and crisis management, ensuring decisive, coordinated response and recovery for security events impacting the organization at any time. Advise senior leadership on security risks, trends and investment priorities, supporting informed decision-making and continuous improvement. Ensure security objectives are continually evaluated and sufficient to address evolving risks and aligned to organizational risk tolerance. 4. Team Leadership & Program Evolution Build, mentor and retain a diverse, high-performing team of information security professionals, promoting continuous learning and professional development. Cultivate a culture of inclusion, innovation and excellence within the security function. Lead the evolution of the information security program, securing executive sponsorship and budget, demonstrating measurable value and driving consensus among functional leaders. Manage relationships with external technology vendors and professional services firms, overseeing evaluation, negotiation and ongoing performance of service agreements. Bachelor's degree in information technology, Health Informatics, Business Administration or related field is required. Master's degree of Science, Business Administration, Health Administration or related field is required. Qualified candidates must be a Certified Information Systems Security Professional (CISSP) with an active certification status. Experience as either a Chief Information Security Officer of an enterprise organization or as a direct report to a Chief Information Security Officer of a large international organization is required. Experience in the attraction, recruitment, hiring, retention and professional development of a diverse team of dedicated information security professionals. Experience in the successful evolution of an information security program. This will include garnering executive support and budget for information security initiatives, building consensus with functional leaders by demonstrating value and measurable results and creating a culture of information security awareness amongst the company's core ecosystem, including patients, employees, partners and vendors, while maintaining efficiency. Experience in the evaluation and implementation of industry standard enterprise-wide information security technologies and concepts, including but not limited to: Data Loss Prevention, Security Information and Event Management, Governance, Risk and Compliance Tools, Threat and Vulnerability Management, Identity and Access Management, Application Security, Cloud Security and Computer Forensics. A demonstrated understanding of the complex and diverse threats that an internationally renowned organization with sensitive data can be exposed to. Experience in managing relationships with external information security technology vendors, and specialized information security professional services firms, including management of the evaluation process of their capabilities, and the eventual negotiation of fair service level agreements and contracts between their company and these entities. Must be eligible to obtain security clearance if necessary.

Description & Requirements Maximus is seeking a qualified Sr. Technical/Security Analyst for multiple projects, current and upcoming. The qualified candidate will be involved in technical/security planning and assessment projects with potentially multiple state agencies. The position requires the candidate to produce/review security relevant documentation, such as system security plans, POA&Ms, assessment plans, etc., produce technical/security analyses, develop estimates, review and contribute to requirements for large systems-planning efforts in the Child Support, Child Welfare and/or Integrated Eligibility public-sector domains. The individual will report directly to a Senior Manager. Maximus is a matrix-managed organization, which means the individual will have secondary reporting relationships to one or more Project Managers, depending on which projects they are assigned. *This role is remote but requires working standard business hours in the US time zone of the client. This position is contingent upon award. * Essential Duties and Responsibilities: - Collaborate with project managers on various initiatives and projects to track progress and provide support as necessary. - Support leadership in ensuring that the project is delivered to specifications, is on time, and within budget. - Work closely with management and work groups to create and maintain work plan documents. - Track the status and due dates of projects. - Manage relationships with project staff responsible for projects. - Produce regular weekly and monthly status reports that could include; work plan status, target dates, budget, resource capacity, and other reports as needed. - Facilitate regular meetings and reviews. - Adhere to contract requirements and comply with all corporate policies and procedures. Job Specific Duties and Responsibilities: -Perform duties independently under the direction of their direct manager and/or Project Managers on specific projects. -Review project documentation and client materials and provide analysis of technical and security related topics. -Participate in client meetings and offer observations and insight on technical and security related topics. -Identify risk areas and potential problems that require proactive attention. -Review and author artifacts and other project documents and identify potential gaps, inconsistencies, or other issues that may put the project at risk. Such artifacts and documents may include but are not limited to: *System Security Plan *Plan of Action and Milestones (POA&M) *Security Assessment Plan *Risk Assessment reports *CMS ARC-AMPE forms and documentation *Data Conversion and Migration Management Plan *Deployment and/or roll-out plans -Perform security assessments, lead security audit and assessment activities, and provide direct security oversight support to assigned clients and projects. -Identify and escalate to the Senior Manager / Project Manager risks, alternatives, and potential quality issues. -Attend interviews, focus groups, or other meetings necessary to gather information for project deliverables in accordance with the project scope of work. -Attend project meetings with the client, subcontractors, project stakeholders, or other Maximus Team members, as requested by the Senior Manager / Project Manager. -Complete project work in compliance with Maximus standards and procedures. -Support team to complete assigned responsibilities as outlined in the Project schedule. -Support all other tasks assigned by Senior Manager / Project Manager. Minimum Requirements - Bachelor's degree in related field. - 7-10 years of relevant professional experience required. - Equivalent combination of education and experience considered in lieu of degree. Job Specific Requirements: -Be available to work during standard client business hours. Projects may involve clients from any US time zone, so it is possible that work outside of the individual's local business hours will be required. -Bachelor's degree from an accredited college or university, or equivalent work experience. -7+ years of experience in information security, with at least 3 years of security-compliance work in a regulated industry. -5+ years of experience working with HIPAA, NIST 800-53 and/or CMS MARS-E or ARC-AMPE security frameworks. -Familiar with operating systems: Windows, Linux/UNIX, OS/X. -Familiar with AI tools, capabilities. -Strong command of cloud computing topics. -Strong command of agile software development practices as well as waterfall development practices. -Strong desktop software skills: proficient in MS Office, Excel, Word, Project. -Ability to explain and communicate technical subjects to non-technical audiences. -Ability to develop advanced concepts, techniques, and standards requiring a high level of interpersonal and technical skills. -Ability to work independently. -Good organizational skills and the ability to manage multiple tasks and deadlines simultaneously. -Strong interpersonal and team building skills, as well as an understanding of client relationship building are essential. -Excellent verbal and writing skills and be comfortable working with customers. -Ability to multi-task with supervision. -Self-motivated fast learner. Preferred Skills: -Prefer a candidate with experience in the Health & Human Services industry, which may include working with programs such as Child Support, Child Welfare, or Integrated Eligibility (SNAP, TANF, and Medicaid). -Preference for security related certifications, such as the CISSP (Certified Information Systems Security Professional). EEO Statement Maximus is an equal opportunity employer. We evaluate qualified applicants without regard to race, color, religion, sex, age, national origin, disability, veteran status, genetic information and other legally protected characteristics. Pay Transparency Maximus compensation is based on various factors including but not limited to job location, a candidate's education, training, experience, expected quality and quantity of work, required travel (if any), external market and internal value analysis including seniority and merit systems, as well as internal pay alignment. Annual salary is just one component of Maximus's total compensation package. Other rewards may include short- and long-term incentives as well as program-specific awards. Additionally, Maximus provides a variety of benefits to employees, including health insurance coverage, life and disability insurance, a retirement savings plan, paid holidays and paid time off. Compensation ranges may differ based on contract value but will be commensurate with job duties and relevant work experience. An applicant's salary history will not be used in determining compensation. Maximus will comply with regulatory minimum wage rates and exempt salary thresholds in all instances. Accommodations Maximus provides reasonable accommodations to individuals requiring assistance during any phase of the employment process due to a disability, medical condition, or physical or mental impairment. If you require assistance at any stage of the employment process-including accessing job postings, completing assessments, or participating in interviews,-please contact People Operations at **************************. Minimum Salary $ 120,000.00 Maximum Salary $ 140,000.00

The City of Rochester welcomes applications for IT Analyst Rochester Public Utilities *********** RPU, a division of the City of Rochester, MN, is the largest municipal utility in the State of Minnesota. RPU serves over 57,000 electric customers and 41,000 water customers in a 60 square mile service area and has revenues nearing $161 million annually. Limited Term Appointment This position anticipated to last 18 - 24 months to support the City of Rochester's implementation of a new Enterprise Recourse Planning software. This role is contingent upon the availability of allocated funds, as well as favorable performance by the incumbent. Nature of Work This position is responsible for developing, implementing and supporting software application systems. Responsibilities include business process analysis; project management; software application design, implementation and support; data analysis and reporting. Pay The 2025 starting salary range is $82,338 to $96,868 with advancement to $121,086. The City of Rochester will not sponsor or transfer visas for this position including F1 OPT STEM. To have your application considered in the first round of application review, apply before December 29th, 2025 The City of Rochester is committed to a community where all members feel a sense of belonging. We commit to recognizing the diversity of our community members, listening to ALL voices and providing equitable services to create an inclusive place to live, play and work. We believe EQUITY should be at the center of all our work. We strive to represent our community in our teammates, as we know that diverse and inclusive teams are more innovative, and have an empowering impact on the work, progress and culture of our community. It takes us all working together DUTIES AND RESPONSIBILITIES The work below is representative of the scope of work performed within this job classification. Individual job duties will vary based on work assignment. * Work closely with stakeholders to understand, document and communicate requirements and expectations. * Work effectively with users to ensure that open communications are maintained. * Provide guidance regarding business process and technical feasibility. * Provide ongoing status reports to users to ensure that user expectations are being met. * Manage projects effectively following IT Project Management requirements and best practices. * Lead and participate in projects throughout the organization. * Effectively plan, execute, and close projects to successful outcome. * Effectively document, update and report throughout the project lifecycles, including project definition, scope, deliverables, budget, timeline, work breakdown structure, risks, constraints. * Facilitate communications throughout the project lifecycles, e.g., meetings, updates, schedules, charts, reports, etc. * Design applications and solutions. * Review and analyze business processes. * Provide recommendations based on research and applications knowledge that will improve the effectiveness, efficiency, and security of the business process in alignment with customer requirements and expectations. * Identify guidelines to be used for preparing specifications and implementation schedules. * Prepare specifications and implementation. * Prepare specifications for presentation and output, workflow, business rules and data management based upon the design guidelines. * Ensure that specifications meet internal standards and user approval. * Prepare implementation scope, budgets, and timelines based upon detail specifications. * Implement applications. * Maintain project management controls to ensure that implementation scope, budget, and timelines are met. * Configure, code, test and debug applications to specifications. * Prepare documentation to accurately describe the application and internal process flow. * Install applications and ensures that they interact properly with existing applications. * Develop and provide training to users as required. Provide maintenance support. * Troubleshoot processing problems and recommend appropriate solutions independently or with service providers as needed. * Enhance applications to conform to changing requirements. * Support ongoing maintenance and upgrades as needed. * Data analysis and reporting. * Design, develop, implement and maintain databases/data systems; ETL (Extract, Transform, and Load) systems and processes to support operational and analytical applications. * Acquire, organize and analyze data using statistical techniques and tools. Identify and interpret trends or patterns in data sets. * Work closely with users to develop, implement and provide the on-going support for queries, reports and dashboards. * Develop and implement data collection systems and other strategies that optimize statistical efficiency and data quality. * Understand the current operating environment and work effectively with development tools. * Stay abreast of changes in the industry and provide recommendations to improve the performance and utilization of information system resources. Perform other duties as assigned or necessary. * ESSENTIAL FUNCTIONS MINIMUM QUALIFICATIONS Education and Experience A Bachelor's degree in computer science or closely related field from an accredited four-year college or university AND one (1) year of full-time employment experience; OR An Associate's degree in computer science or closely related field from an accredited post-secondary program AND five (5) years of full-time employment experience; OR An equivalent combination of education and experience sufficient to successfully perform the essential duties of the job may also be considered. If this work interests you but you are unsure if you meet all the job requirements listed above, please apply anyway! Your experience is likely more applicable to the role than you think, and the City is interested in candidates who can bring not only technical expertise but a variety of lived experience to the team. Desirable Qualifications * Experience in business analysis, project management, and technical training; application development, implementation, and support; database management, data engineering, and data analytics. * Project Management Certification * Experiences in application development in Microsoft Azure, Office 365, Power Platform, SharePoint * SQL, Java, JavaScript, Python, Data Analytics Expression (DAX). ADDITIONAL INFORMATION PHYSICAL AND ENVIRONMENTAL CRITERIA In compliance with the Americans with Disabilities Act, the following represents the physical and environmental demands for this position. The employee must be able to perform the essential functions with or without accommodation. In consideration of the overall amount of physical effort required to perform this position, the work is best described as Sedentary Work: Exerting up to 10 pounds of force occasionally and/or a negligible amount of force frequently or constantly to lift, carry, push, pull or otherwise move objects, including the human body. Sedentary work involves sitting most of the time. Jobs are sedentary if walking and standing are required only occasionally and all other sedentary criteria are met. Physical demands that may be required continuously (2/3 or more of the time), frequently (1/3 to 2/3 of the time), and occasionally (up to 1/3 of the time) are noted below: Continuous demands: sitting, fine dexterity, Occasional demands: standing, walking, reaching, handling, lifting, carrying Sensory requirements necessary in the performance of the essential functions of this position include: sight, hearing, and touch. Environmental conditions that may exist in the performance of the essential functions of this job include: NONE (not substantially exposed to environmental conditions)

Company DescriptionJobs for Humanity is partnering with Target to build an inclusive and just employment ecosystem. Therefore, we prioritize individuals coming from the following communities: Refugee, Neurodivergent, Single Parent, Blind or Low Vision, Deaf or Hard of Hearing, Black, Hispanic, Asian, Military Veterans, the Elderly, the LGBTQ, and Justice Impacted individuals. This position is open to candidates who reside in and have the legal right to work in the country where the job is located. Company Name: Target Location: 1000 Nicollet Mall, Minneapolis, Minnesota, United States, 55403-2542 The pay range per hour is $19.23 - $34.62 Pay is based on several factors which vary based on position. These include labor markets and in some instances may include education, work experience and certifications. In addition to your pay, Target cares about and invests in you as a team member, so that you can take care of yourself and your family. Target offers eligible team members and their dependents comprehensive health benefits and programs, which may include medical, vision, dental, life insurance and more, to help you and your family take care of your whole selves. Other benefits for eligible team members include 401(k), employee discount, short term disability, long term disability, paid sick leave, paid national holidays, and paid vacation. Find competitive benefits from financial and education to well-being and beyond at ********************************************** Job Title: Sr Specialist - Corporate Security & Safety Classification: L2 Date: November 2023 About Us: As a Fortune 50 company with more than 350,000 team members worldwide, Target is an iconic brand and one of America's leading retailers. Working at Target means the opportunity to help all families discover the joy of everyday life. Caring for our communities is woven into who we are, and we invest in the places we collectively live, work and play. We prioritize relationships, fuel and develop talent by creating growth opportunities, and succeed as one Target team. At our core, our purpose is ingrained in who we are, what we value, and how we work. It's how we care, grow, and win together. To match the signature style and passion of Target's distinctive retail brand, Target Legal Affairs is a dynamic and deeply knowledgeable team of experts. Whether specializing in law, government affairs, employee relations, risk, compliance, ethics, security or food safety, we use our expertise and influence to advocate for Target, support Target's business and mitigate risk for the company. We work with both internal and external entities on key issues that affect Target's ability to productively, ethically and securely conduct business. Through our understanding of Target's business models and operations, we help facilitate Target's growth, and provide guidance that leaders rely on to make appropriate, well-informed decisions. Simultaneously, we help protect the business by applying our comprehensive understanding of risk and the law on issues that impact our brand, guests, team members, stores, distribution centers and corporate locations. Here, you'll enjoy working autonomously with a healthy work-life balance. Your passion for learning the business, collaborating with others and building relationships with senior leaders and key business partners that you support will be essential to tackling the ever-changing legal and risk-based challenges we face in a dynamic and fast-paced retail environment. A role within Corporate Security means working with a team dedicated to protecting the Target team, guests, property, and brand. You will use our comprehensive understanding and management of evolving security risks to protect our Target community throughout the world. You may support Target's Crisis and Threat Management, Preparedness and Continuity, Forensics, Intelligence, Physical Security and Safety, Executive Services, or Operations teams. As a Target Sr. Security Specialist, no two days are ever the same, but a typical day will most likely include the following responsibilities. You'll support safe and secure operations by engaging with team members, partners, and guests at entry points of our buildings. Leveraging Target's policies and procedures, you'll provision building access to all our Target community members. Using intelligence-led tactics and remaining situationally aware, you'll maintain safe and secure standards throughout our buildings and properties. In addition, you'll respond to and accurately document security incidents and activities, sharing your expertise to educate and empower team members on what to do during emergencies. Furthering our culture of ethical conduct, safety, and compliance, you'll encourage team members to report security concerns to Corporate Security. You'll also execute select security routines and projects that advance our goal to minimize risk at Target. Lastly, you'll provide a Target-brand experience and environment by supporting the needs of others. Core responsibilities of this job are described within this job description. Job duties may change at any time due to business needs. About you: High school diploma or equivalent. Possess a valid driver's license and ability to complete routines and patrols utilizing a company vehicle. Meet any state or local licensure and/or other legal requirements related to the position. Welcoming and helpful attitude towards team members, partners, and guests. Learn and adapt to current technology needs and changing work environments. Effective communication and de-escalation skills. Work both independently and with a team. Manage workload and prioritize tasks independently during crisis situations. Be reliable and dependable as it relates to assigned tasks. Trustworthy to work with highly confidential information. Climb up and down stairs and ladders. Provide life-saving actions, including CPR and other first aid. Ability to sit, stand, or be mobile for extended periods of time and effectively move items up to 40 pounds. Flexibility to work a set schedule and adjust as business needs dictate, with regular attendance necessary. Americans with Disabilities Act (ADA) Target will provide reasonable accommodations with the application process upon your request as required to comply with applicable laws. If you have a disability and require assistance in this application process, please visit your nearest Target store or Supply Chain Facility or reach out to Guest Services at ************** for additional information.

Empowered to live. Inspired to work. Compeer Financial is a member-owned cooperative located in Illinois, Minnesota and Wisconsin. We bring together team members with a variety of backgrounds and experiences to help provide financial services to support agriculture and rural communities. Join us in a culture that not only promotes meaningful work and professional development, but provides a flexible, hybrid work environment and excellent benefits, which empower you to thrive both personally and professionally. How we support you: Hybrid model - up to 50% work from home Flexible schedules including ample flexibility in the summer months Up to 9% towards 401k (3% fixed Compeer contribution plus up to 6% match) Benefits: medical, dental, vision, HSA/FSA, life & AD&D insurance, short-term and long-term disability, wellness program & EAP Vacation, sick leave, holidays/floating holidays, parental leave, and volunteer paid time off Learning and development programs Mentorship programs Cross-functional committee opportunities (i.e. Inclusion Council, emerging professional groups, etc.) Professional membership/certification reimbursement and more! Casual/seasonal & intern team members are not eligible for benefits except for state-mandated programs. To learn more about Compeer Financial visit************************ Where you will work: This position offers a hybrid work option up to 50% remote and is based out of any of Compeer's office locations. The contributions you will make: This position creates, implements and maintains corporate-wide security programs that assist in improving overall security posture of the organization. Provides guidance, assurance and information protection to maintain the confidentiality, integrity, and availability of Compeer critical resources. Contributes knowledge and expertise to ensure that information assets are protected and secure. In this position, you will guide solutions to promote secure business-to-business initiatives, third-part relationships, outsourced solutions and vendors. Provides mentorship and guidance to less experienced team members. A typical day: Remains current with new security threats and assess systems and solutions to ensure they can defend the business. Researches capabilities of current and new disruptive solutions on the market and makes recommendations to security group on a consistent basis. Develops security team standards, policies, procedures and processes. Support and provide direction for use of technical systems, monitors for unusual and suspicious activity across a wide range of products, data centers, and cloud systems. Partners with Business Technology on security configuration standards for systems and business applications. Participates in technical and non-technical projects requiring information security oversight and to ensure policies and procedures are met. Provides cybersecurity guidance to leadership. Ensures that cybersecurity-enabled products or other compensating security control technologies or processes reduce identified risk to an acceptable level. Performs security reviews, identifies gaps in security architecture, and develops a security risk management plan. Implements security measures to resolve vulnerabilities, mitigate risks, and recommend security changes to system or system components as needed. Analyzes and reports system security posture trends. Analyzes cyber defense policies and configurations and evaluates compliance with regulations and organizational directives. Prepares audit reports that identify technical and procedural findings and provide recommended remediation strategies/solutions. Leads the Incident Response Team during activations for security or operational events. Coordinates, leads and conducts adversary simulation, hunt teaming, assumed breaches and whitebox penetration tests. Develops and executes attack plans, scripts, tools and methodologies to strengthen the offensive operations. Plans and coordinates the delivery of classroom techniques and formats (e.g., lectures, demonstrations, interactive exercises, and multimedia presentations) for the most effective learning environment. The skills and experience we prefer you have: Bachelor's degree in security management, cybersecurity, computer science, management information systems, or business with technical training in networking, technical support or security or an equivalent combination of education and experience sufficient to perform the essential functions of the job. Expert-level experience in physical asset security, information technology, risk management, security services, or infrastructure technology. CISSP certification preferred. Ability to adapt and stay a step ahead of cyber attackers and stay up to date on the latest attack methods. Expert experience driving measurable improvement in monitoring and response capabilities at scale. Expert ability to identify and resolve problems, utilizing strong analytical skills. Advanced experience in cloud computing technologies, including software, infrastructure and platform-as-a-service, as well as public, private and hybrid environments. Expert knowledge of traditional security controls and technologies, such as Security Information and Event Management (SIEM) systems, intrusion detection/prevention systems (IDS/IPS), public key infrastructure (PKI), identity and access management (IDAM) systems, antivirus and firewalls, in addition to endpoint detection and response (EDR), threat intelligence platforms, data loss prevention (DLP), security automation and orchestration, deception technologies, application controls, and other network and system monitoring tools. Experience with purple teaming (red and blue) to train, identify and remediate issues cohesively. Advanced experience with Amazon Web Services (AWS) or Microsoft Azure. Expert experience conducting risk analysis to protect the business and adhere with compliance requirements and privacy laws. Expert experience with vulnerability and penetration testing engagements. Advanced knowledge of network security architecture concepts including topology, protocols, components, and principles (e.g., application of defense-in-depth). Expert knowledge of what constitutes a network attack and a network attack's relationship to both threats and vulnerabilities. Knowledge of multiple cognitive domains and tools and methods applicable for learning in each domain. Knowledge of media production, communication, and dissemination techniques and methods, including alternative ways to inform via written, oral, and visual media. Knowledge of training and education principles and methods for curriculum design, teaching and instruction for individuals and groups, and the measurement of training and education effects. How we will take care of you: Our job titles may span more than one career level (associate, senior, principal, etc.). The actual title and base pay offered is dependent upon many factors, such as: training, transferable skills, work experience, business needs and market demands. The base pay range is subject to change and may be modified in the future. This role is eligible for variable compensation and other benefits. Base Pay$103,100-$156,400 USD Compeer Financial is an equal opportunity employer and all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, disability status, protected veteran status, or any other characteristic protected by law. Must be authorized to work for any employer in the United States. Compeer is unable to sponsor or take over sponsorship of an employment visa at this time. Click here to view federal employment laws applicable for applicants.

The IT Technical Analyst I provides technical support for office and manufacturing environments, handling requests via phone, email, and in person while utilizing service management tools to track and resolve issues. Responsibilities include configuring, deploying, and maintaining endpoint devices, troubleshooting across multiple disciplines, and ensuring adherence to company policies. The role requires proficiency in PC hardware, Windows OS, Active Directory, SCCM, MDT, O365, and an understanding of networks, servers, and databases, with awareness of ITIL processes. Strong customer service, problem-solving skills, adaptability to change, and the ability to work independently with limited supervision are essential, along with occasional travel and collaboration to improve departmental success. *Skills* active directory, sccm, MDT, office 365, windows 10, pc support, pc troubleshooting, windows operating systems, network support, network troubleshooting, server support, Support, Analysis, database administrator, printers, computer programming, scanner, manual testing, manufacturing industry, problem management, organization development, customer service *Top Skills Details* active directory,sccm,MDT,office 365,windows 10,pc support,pc troubleshooting,windows operating systems,network support,network troubleshooting,server support,Support,Analysis,database administrator *Additional Skills & Qualifications* Additional Skills: -Exceptional customer service and communication skills for managing internal and external interactions. -Strong organizational and time management abilities to prioritize tasks effectively. -Documentation skills for maintaining accurate records and processes. -Problem-solving creativity using tools, experience, and resourcefulness. -Ability to work independently with limited supervision and take ownership of tasks. -Adaptability to changing conditions and willingness to embrace new opportunities. Additional Qualifications: -Two-year technical degree, related certifications, or equivalent work experience. -2+ years in an IT support environment. -Awareness of ITIL process framework for structured IT service management. -Prior experience in a manufacturing setting (preferred). -Willingness to travel domestically up to 10%. *Experience Level* Entry Level *Job Type & Location*This is a Contract position based out of Norwalk, IA. *Pay and Benefits*The pay range for this position is $23.00 - $26.00/hr. Eligibility requirements apply to some benefits and may depend on your job classification and length of employment. Benefits are subject to change and may be subject to specific elections, plan, or program terms. If eligible, the benefits available for this temporary role may include the following: * Medical, dental & vision * Critical Illness, Accident, and Hospital * 401(k) Retirement Plan - Pre-tax and Roth post-tax contributions available * Life Insurance (Voluntary Life & AD&D for the employee and dependents) * Short and long-term disability * Health Spending Account (HSA) * Transportation benefits * Employee Assistance Program * Time Off/Leave (PTO, Vacation or Sick Leave) *Workplace Type*This is a fully onsite position in Norwalk,IA. *Application Deadline*This position is anticipated to close on Jan 26, 2026. h4>About TEKsystems: We're partners in transformation. We help clients activate ideas and solutions to take advantage of a new world of opportunity. We are a team of 80,000 strong, working with over 6,000 clients, including 80% of the Fortune 500, across North America, Europe and Asia. As an industry leader in Full-Stack Technology Services, Talent Services, and real-world application, we work with progressive leaders to drive change. That's the power of true partnership. TEKsystems is an Allegis Group company. The company is an equal opportunity employer and will consider all applications without regards to race, sex, age, color, religion, national origin, veteran status, disability, sexual orientation, gender identity, genetic information or any characteristic protected by law. About TEKsystems and TEKsystems Global Services We're a leading provider of business and technology services. We accelerate business transformation for our customers. Our expertise in strategy, design, execution and operations unlocks business value through a range of solutions. We're a team of 80,000 strong, working with over 6,000 customers, including 80% of the Fortune 500 across North America, Europe and Asia, who partner with us for our scale, full-stack capabilities and speed. We're strategic thinkers, hands-on collaborators, helping customers capitalize on change and master the momentum of technology. We're building tomorrow by delivering business outcomes and making positive impacts in our global communities. TEKsystems and TEKsystems Global Services are Allegis Group companies. Learn more at TEKsystems.com. The company is an equal opportunity employer and will consider all applications without regard to race, sex, age, color, religion, national origin, veteran status, disability, sexual orientation, gender identity, genetic information or any characteristic protected by law.

At TruStage, we're on a mission to make a brighter financial future accessible to everyone. We put people first, and work hand in hand with employees and customers to create a diverse and inclusive environment. Passionate about building insurance and financial services solutions, we push the boundaries of what's possible. We need you to help us shape what's next. You'll be encouraged to share your experiences, ideas and skills to help others take control of their financial future. Join a team that has received numerous awards for being a top place to work: TruStage awards and recognition Job Summary Under the guidance of Information Security leadership, the Information Security Analyst supports TruStage's cybersecurity program by delivering integrated threat intelligence and digital forensic services. This hands-on role is responsible for reviewing and analyzing incoming threat intelligence to assess risk and potential impact to the organization, applying best practices to inform proactive defense strategies. The analyst plays a critical role in the incident response lifecycle by investigating escalated threats-such as malware infections, phishing attempts, or unauthorized access-through structured processes that include detection, containment, eradication, recovery, and root cause analysis. Responsibilities also include conducting forensic investigations, performing advanced data collections, and executing eDiscovery requests. The analyst may be called upon to support investigations led by Legal, Human Resources, or other internal stakeholders, ensuring evidence integrity and alignment with regulatory and organizational standards. The ideal candidate will have experience using tools such as Magnet Forensics Axiom Cyber, Splunk, Microsoft Defender, and the MITRE ATT&CK framework to detect, investigate, and respond to complex security incidents. This role requires a strong analytical mindset, attention to detail, and the ability to work collaboratively across teams to enhance the organization's security posture. Excellent verbal and written communication skills are essential, as the analyst will be expected to clearly document findings, articulate technical concepts to non-technical stakeholders, and contribute to incident reports, threat briefings, and cross-functional discussions. Job Responsibilities: * Support Information Security Leadership regarding all aspects of the information security program, with minimal supervision. Responsibilities include facilitating the identification of risks throughout the organization, developing, reporting and monitoring formats on risk management issues and developing methodologies for the assessment of risks throughout the organization. * Continuously monitor the internal and external landscape for relevant events, risks, and threats related to malicious code, vulnerabilities, and potential attacks. * Coordinate and ensure cybersecurity related alerts and incidents are prioritized and responded to at all hours of the day. * Remain current with emerging threats and share knowledge with colleagues to improve incident response processes. * Participate in the creation and execution of tabletop exercises designed to identify gaps, improve skills, enhance communication and engage with key stakeholders. * Review reports from tabletop exercises, vulnerability scans and penetration testing to identify weaknesses or gaps in existing security controls and provide recommendations where appropriate. * Lead coordination, consultation, and assessment efforts to track and remediate events and alerts, directs response to related incidents, internal or external audits, and / or control assessments. * Identify, report, and assist in resolving privacy, compliance or security violations and control gaps. * Lead feedback with other IT teams to protect data from compliance, privacy or security compromise. * Contribute to the strategic direction of the Information Security team to develop new capabilities, process efficiencies and goals. * Participate in the development, review, ongoing maintenance and development of security policies, standards, processes, procedures and requirements to facilitate the establishment of common administrative controls for the delivery of security capabilities. * Security Awareness: Develop content for organization wide and targeted security awareness training. Present relevant information security topics through a variety of forums depending on the audience. * The above statement of duties is not intended to be all inclusive and other duties will be assigned from time to time. The above statement of duties is not intended to be all inclusive and other duties will be assigned from time to time. Job Requirements: * Bachelor's degree in computer science, information systems or related field, or equivalent combination of education and/or related professional work experience. * 5 or more years of demonstrated proficiency with an information security audit, assessment, engineering or architecture focus or comparable, professional experience. * Proven ability to clearly and effectively communicate business and technical information, both verbally and in writing. * Aptitude for speaking or communicating to varied groups of business and technical professionals. * Experience in presenting technical material to a nontechnical audience and to senior management. * Established skills and experience in the development of security policies, standards or other governance practices. * Demonstrated relationship management and consulting skills, including ability to effectively influence and negotiate. * Proven ability to provide high quality customer service. * Financial Services industry experience strongly preferred. * Experience with law enforcement preferred * Experience with forensics preferred #LI-SW If you're ready to help make a difference, apply today. A resume is required to apply. TruStage may process applicant information using an Artificial Intelligence (AI) tool. This tool automatically generates a screening score based on how well applicant information matches the requirements and qualifications for the position. TruStage recruiters use the screening score as a guide to further evaluate candidates; the score is one component of an application review and does not automatically determine whether a candidate moves forward. Candidates may choose to opt out of this process. Compensation may vary based on the job level, your geographic work location, position incentive plan and exemption status. Base Salary Range: $97,800.00 - $146,800.00 At TruStage, we believe a sound, inclusive benefits program is of vital importance, along with a flexible workplace that allows for work-life balance, career growth and retirement assistance. In addition to your base pay, your position may be eligible for an annual incentive (bonus) plan. Additional benefits available to eligible employees include medical, dental, vision, employee assistance program, life insurance, disability plans, parental leave, paid time off, 401k, and tuition reimbursement, just to name a few. Beyond pay and benefits, we also recognize that flexibility, including working in a place you prefer, is essential to caring for our employees. We will continue to strive to offer flexibility and invest in technology and other tools that will make hybrid working normal rather than an exception, so that when "life happens," you can focus on what's most important. Accommodation request TruStage is a place where everyone can bring their best self and thrive. If you need application or interview process accommodations, please contact the accessibility department.

The Information Security Analyst Identifies security risks and exposures, determine the causes of security violations, and configuring systems to optimize notification of future incidents. The Security Analyst Integrates appropriate systems and logs into the enterprise security incident and event management system to effectively monitor and detect various people and enterprise asset activity. The Information Security Analyst works under the direction of the Information Security Director on the IT Security Operations Team. This is a hybrid job, must be located in Saint Paul MN Responsibilities • Investigates and analyzes security events to evaluate risk, prioritizing findings based on internal and external information. • Configures and maintains SIEM platform, including areas such as source feeds, alerts, alarms, and API integrations. • Configures and maintains EDR/antivirus. • Configures and maintains vulnerability management platform, including areas such as vulnerability scanning, remediation, and mitigation as well as impact and risk analysis. • Communicates security concerns to the business stakeholders to collectively develop and execute an appropriate remediation/mitigation plan. • Interacts with security risk and compliance group, adjacent IT departments, and business units as needed to ensure compliance with IT Security goals and policies. • When needed, assists in administration of other security tools (Data Loss Prevention, Email Security/Spam Filter, End User Training, Mobile Device Management). • Maintains up-to-date knowledge of the IT security industry including awareness of new or revised security solutions, improved security processes and evolving attacks and threat vectors. General Job Responsibilities: • Ability to work in a team environment and independently as required • Contributes to project planning and scheduling. • Normally receives minimal instructions on routine work and detailed instructions on new assignments. • Participate in Architecture design reviews and other technical governance forums across the organization representing the security team across multiple projects. • Be on call and available after business hours, would require working Holidays and weekends if major security incident occurs. • Establish and maintain pertinent policies, standards, and procedures • Perform duties in compliance with applicable regulations and standards such as Sarbanes Oxley Act, FDA Quality System, and ISO (International Organization for Standardization) Works on routine assignments per written procedures, where ability to recognize deviation from accepted practice is required. • Contributes to the overall operations and to the achievement of departmental goals • Perform job specific tasks in compliance with applicable Regulations, International Standards, and WuXi AppTec Policies and Standard Operating Procedures. • Understanding of Good Laboratory Practices and Good Manufacturing Practices • Other duties as assigned Qualifications • Degree in Cyber Security, Management Information Systems, Information Security or equivalent work experience o Minimum 2 years prior experience in a Cyber Security • In depth knowledge of LogRhythm SIEM platform or other SIEM platforms, which includes configuring and maintaining API integrations and source feeds, alerts and alarms • In depth knowledge in Qualys Vulnerability Management System, which includes configuring and maintaining • In depth knowledge in Cisco AMP Anti-Virus software, which includes configuring and maintaining • Knowledge of ISO/IEC 27001 standards. • Strong technical acumen with a solid understanding of security technologies and network architecture • Strong verbal and written communication skills • Independent driver of self-development and continuous learning • Knowledge of information security technology, design, research techniques, administration, operating standards, and quality control methods. • Basic understanding of LAN/WAN technologies and protocols, FTP, Active Directory, VPN technologies (MPLS, IPSEC, etc.), IIS and other network services. • Experience in a large, formal vulnerability program. • General knowledge of cloud, wireless network and mobile security. • Team-oriented and skilled in working within a collaborative environment. An Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, or protected veteran status and will not be discriminated against on the basis of disability This job description does not state or imply that the above are the only duties and responsibilities assigned to this position. Employees holding this position will be required to perform any other job-related duties as requested by Management. We can recommend jobs specifically for you! An Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, or protected veteran status and will not be discriminated against on the basis of disability Click here to get started.

Established in 1991, Collabera is one of the fastest growing end-to-end information technology services and solutions companies globally. As a half a billion dollar IT company, Collabera's client-centric business model, commitment to service excellence and Global Delivery Model enables its global 2000 and leading mid-market clients to deliver successfully in an increasingly competitive marketplace. With over 8200 IT professionals globally, Collabera provides value-added onsite, offsite and offshore technology services and solutions to premier corporations. Over the past few years, Collabera has been awarded numerous accolades and Industry recognitions including. Collabera awarded Best Staffing Company to work for in 2012 by SIA. (hyperlink here) Collabera listed in GS 100 - recognized for excellence and maturity Collabera named among the Top 500 Diversity Owned Businesses Collabera listed in GS 100 & ranked among top 10 service providers Collabera was ranked: 32 in the Top 100 Large Businesses in the U.S 18 in Top 500 Diversity Owned Businesses in the U.S 3 in the Top 100 Diversity Owned Businesses in New Jersey 3 in the Top 100 Privately-held Businesses in New Jersey 66th on FinTech 100 35th among top private companies in New Jersey *********************************************** Collabera recognizes true potential of human capital and provides people the right opportunities for growth and professional excellence. Collabera offers a full range of benefits to its employees including paid vacations, holidays, personal days, Medical, Dental and Vision insurance, 401K retirement savings plan, Life Insurance, Disability Insurance. Job Description Position Details: Job Title - Information Security Analyst Duration - 3 Months (with a possibility of an extension) Location - Eagan , MN - 55123 Qualifications Primary Objective Perform in the delivery and development of processes and services which support best practices in information security and risk management for Client enterprise. Knowledge, Skills & Behaviors • 2+ years related information security risk management experience • 3+ years related information technology experience • Preferred industry-related certifications: GSEC, CISSP, CISA, CISM, ITIL • Preferred exposure in SOC2, ISO 27000, risk assessment methodologies, Shared Assessments, ITIL practices, and GRC • Demonstrate results in planning and delivering complex projects on time • Maintain focus and manage multiple efforts concurrently • Perform independently to expectations while being collaborative and maintaining alignment with the team • Work effectively with all levels of the organization including subject matter experts, stakeholders, and leadership • Strong written and verbal communication skills to include executive audiences • Apply tactical and strategic methods appropriately • Effective negotiation and influence • Focused on supporting the customer, the team, and the business • Strong collaboration and problem-solving skills Major Areas of Accountability • Operate as a key contributor to the Vendor Risk Management processes. • Interface with subject matter experts, peers and stakeholders; and business or technology leaders across the Client enterprise. • Demonstrate subject matter expertise on information security best practices and Client security posture focused on performing due diligence for vendor assurance inquiries and attestations. • Assist in initiatives to evaluate and provide input on the effectiveness of processes and solutions, and to determine or support a course of action. Track and report on mitigation progress. • Contribute to the strategic and tactical development of information security, risk management and compliance initiatives, to include policy and standards development, solution development, security awareness and training, and other information security initiatives as assigned. • Track, verify and collect data points for reporting and metrics on identified services to identify gaps and inform leadership. • Serve as a subject matter expert in information technology operations, information security and risk management practices, global legal and regulatory requirements, and other applicable security and privacy trends and practices. • Participate as a member of a team for Vendor Risk Management • Contribute to and achieve business and departmental goals and objectives • Deliver processes and services consistently and accurately • Accept feedback and flex to address tactical needs • Report on status of initiatives to all levels in the organization • Work across the organization to contribute to departmental initiatives and programs Education • Prefer 4 year (Bachelor's) Degree in a technology related field Additional Information To know more about this opportunity or to schedule an interview, Please Contact: Neha Kalia *************************** ************

Why Mayo Clinic Mayo Clinic is top-ranked in more specialties than any other care provider according to U.S. News & World Report. As we work together to put the needs of the patient first, we are also dedicated to our employees, investing in competitive compensation and comprehensive benefit plans - to take care of you and your family, now and in the future. And with continuing education and advancement opportunities at every turn, you can build a long, successful career with Mayo Clinic. Benefits Highlights * Medical: Multiple plan options. * Dental: Delta Dental or reimbursement account for flexible coverage. * Vision: Affordable plan with national network. * Pre-Tax Savings: HSA and FSAs for eligible expenses. * Retirement: Competitive retirement package to secure your future. Responsibilities The Chief Information Security Officer (CISO) provides strategic leadership for Mayo Clinic's global information security program by balancing the preservation of trust by securing the privacy and security of patients, staff and other third parties with the need for simplification, convenience and frictionless use of technology and digital solutions for end users. Mayo Clinic's CISO is responsible for safeguarding sensitive data and digital assets across all of Mayo Clinic and our related partnerships and affiliations. This executive role champions a proactive, adaptive security posture, leveraging emerging technologies and fostering a culture of shared responsibility for cybersecurity. The CISO works closely with leaders in the Digital Technology Organization (DTO) across Mayo Clinic to ensure security is seamlessly integrated into all technology initiatives. Additionally, the CISO partners with executive and functional leaders to embed security into business processes, digital transformation initiatives and innovation projects, ensuring alignment with Mayo Clinic's mission and values, again in a manner that enables solutions not delays or serves as a barrier. This is an on-site position based in Rochester, MN. Key Responsibilities 1. Enterprise Information Security Leadership * Refresh and execute a comprehensive, forward-looking information security strategy that protects Mayo Clinic's data, systems and intellectual property across all operations and geographies. * Oversee all elements of Mayo Clinic's enterprise-wide information security program, including policy, strategy, architecture and operations, threat intelligence, incident response, AI and automation, security testing, identity management, ERIS and ERP, ensuring alignment to regulatory requirements and industry standards. * Champion adoption of advanced security technologies, such as AI-driven threat detection, zero trust architecture, cloud security and identity management platforms in a manner that supports operations. * Continuously assess and adapt the security program to address emerging threats, digital transformation and the needs of a remote and hybrid workforce. 2. Business Alignment & Collaboration * Serve as a strategic partner to executive leadership and cross-functional teams, integrating security into business processes, technology initiatives and organizational change efforts. * Foster a culture of cybersecurity awareness and shared accountability among employees, patients, partners and vendors. * Collaborate with the DTO, internal audit, compliance, risk operations, legal, physical security, systems operations and development teams to coordinate security initiatives and drive enterprise-wide resilience while fostering and maintaining a positive user experience. * Engage with external partners, industry groups and regulatory bodies to benchmark practices and ensure Mayo Clinic remains at the forefront of security innovation. 3. Vision, Governance & Risk Management * Provide visionary leadership in risk management, governance and performance measurement, utilizing automation, advanced analytics, real-time dashboards and executive reporting. * Guide the organization in balancing security, privacy and operational agility, ensuring business alignment and effective governance to safely enable emerging technology * Lead the development and monitoring of executive-level metrics, risk analysis, mitigation strategies and reporting mechanisms. * Provide executive leadership for enterprise cyber incident and crisis management, ensuring decisive, coordinated response and recovery for security events impacting the organization at any time. * Advise senior leadership on security risks, trends and investment priorities, supporting informed decision-making and continuous improvement. * Ensure security objectives are continually evaluated and sufficient to address evolving risks and aligned to organizational risk tolerance. 4. Team Leadership & Program Evolution * Build, mentor and retain a diverse, high-performing team of information security professionals, promoting continuous learning and professional development. * Cultivate a culture of inclusion, innovation and excellence within the security function. * Lead the evolution of the information security program, securing executive sponsorship and budget, demonstrating measurable value and driving consensus among functional leaders. * Manage relationships with external technology vendors and professional services firms, overseeing evaluation, negotiation and ongoing performance of service agreements. Qualifications Bachelor's degree in information technology, Health Informatics, Business Administration or related field is required. Master's degree of Science, Business Administration, Health Administration or related field is required. Qualified candidates must be a Certified Information Systems Security Professional (CISSP) with an active certification status. Experience as either a Chief Information Security Officer of an enterprise organization or as a direct report to a Chief Information Security Officer of a large international organization is required. Experience in the attraction, recruitment, hiring, retention and professional development of a diverse team of dedicated information security professionals. Experience in the successful evolution of an information security program. This will include garnering executive support and budget for information security initiatives, building consensus with functional leaders by demonstrating value and measurable results and creating a culture of information security awareness amongst the company's core ecosystem, including patients, employees, partners and vendors, while maintaining efficiency. Experience in the evaluation and implementation of industry standard enterprise-wide information security technologies and concepts, including but not limited to: Data Loss Prevention, Security Information and Event Management, Governance, Risk and Compliance Tools, Threat and Vulnerability Management, Identity and Access Management, Application Security, Cloud Security and Computer Forensics. A demonstrated understanding of the complex and diverse threats that an internationally renowned organization with sensitive data can be exposed to. Experience in managing relationships with external information security technology vendors, and specialized information security professional services firms, including management of the evaluation process of their capabilities, and the eventual negotiation of fair service level agreements and contracts between their company and these entities. Must be eligible to obtain security clearance if necessary. Exemption Status Exempt Compensation Detail The minimum starting salary for the position may range from $369,000 to $554,000. This range reflects full-time total base compensation prior to consideration of additional experience or duties. Pay for the selected candidate will vary based on experience, FTE, internal equity, or external market data. Benefits Eligible Yes Schedule Full Time Hours/Pay Period 80 International Assignment No Site Description Just as our reputation has spread beyond our Minnesota roots, so have our locations. Today, our employees are located at our three major campuses in Phoenix/Scottsdale, Arizona, Jacksonville, Florida, Rochester, Minnesota, and at Mayo Clinic Health System campuses throughout Midwestern communities, and at our international locations. Each Mayo Clinic location is a special place where our employees thrive in both their work and personal lives. Learn more about what each unique Mayo Clinic campus has to offer, and where your best fit is. Equal Opportunity All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, gender identity, sexual orientation, national origin, protected veteran status or disability status. Learn more about the 'EOE is the Law'. Mayo Clinic participates in E-Verify and may provide the Social Security Administration and, if necessary, the Department of Homeland Security with information from each new employee's Form I-9 to confirm work authorization. Recruiter Justin Kennedy

Description & Requirements Maximus is seeking a qualified Sr. Technical/Security Analyst for multiple projects, current and upcoming. The qualified candidate will be involved in technical/security planning and assessment projects with potentially multiple state agencies. The position requires the candidate to produce/review security relevant documentation, such as system security plans, POA&Ms, assessment plans, etc., produce technical/security analyses, develop estimates, review and contribute to requirements for large systems-planning efforts in the Child Support, Child Welfare and/or Integrated Eligibility public-sector domains. The individual will report directly to a Senior Manager. Maximus is a matrix-managed organization, which means the individual will have secondary reporting relationships to one or more Project Managers, depending on which projects they are assigned. *This role is remote but requires working standard business hours in the US time zone of the client. This position is contingent upon award. * Essential Duties and Responsibilities: - Collaborate with project managers on various initiatives and projects to track progress and provide support as necessary. - Support leadership in ensuring that the project is delivered to specifications, is on time, and within budget. - Work closely with management and work groups to create and maintain work plan documents. - Track the status and due dates of projects. - Manage relationships with project staff responsible for projects. - Produce regular weekly and monthly status reports that could include; work plan status, target dates, budget, resource capacity, and other reports as needed. - Facilitate regular meetings and reviews. - Adhere to contract requirements and comply with all corporate policies and procedures. Job Specific Duties and Responsibilities: -Perform duties independently under the direction of their direct manager and/or Project Managers on specific projects. -Review project documentation and client materials and provide analysis of technical and security related topics. -Participate in client meetings and offer observations and insight on technical and security related topics. -Identify risk areas and potential problems that require proactive attention. -Review and author artifacts and other project documents and identify potential gaps, inconsistencies, or other issues that may put the project at risk. Such artifacts and documents may include but are not limited to: *System Security Plan *Plan of Action and Milestones (POA&M) *Security Assessment Plan *Risk Assessment reports *CMS ARC-AMPE forms and documentation *Data Conversion and Migration Management Plan *Deployment and/or roll-out plans -Perform security assessments, lead security audit and assessment activities, and provide direct security oversight support to assigned clients and projects. -Identify and escalate to the Senior Manager / Project Manager risks, alternatives, and potential quality issues. -Attend interviews, focus groups, or other meetings necessary to gather information for project deliverables in accordance with the project scope of work. -Attend project meetings with the client, subcontractors, project stakeholders, or other Maximus Team members, as requested by the Senior Manager / Project Manager. -Complete project work in compliance with Maximus standards and procedures. -Support team to complete assigned responsibilities as outlined in the Project schedule. -Support all other tasks assigned by Senior Manager / Project Manager. Minimum Requirements - Bachelor's degree in related field. - 7-10 years of relevant professional experience required. - Equivalent combination of education and experience considered in lieu of degree. Job Specific Requirements: -Be available to work during standard client business hours. Projects may involve clients from any US time zone, so it is possible that work outside of the individual's local business hours will be required. -Bachelor's degree from an accredited college or university, or equivalent work experience. -7+ years of experience in information security, with at least 3 years of security-compliance work in a regulated industry. -5+ years of experience working with HIPAA, NIST 800-53 and/or CMS MARS-E or ARC-AMPE security frameworks. -Familiar with operating systems: Windows, Linux/UNIX, OS/X. -Familiar with AI tools, capabilities. -Strong command of cloud computing topics. -Strong command of agile software development practices as well as waterfall development practices. -Strong desktop software skills: proficient in MS Office, Excel, Word, Project. -Ability to explain and communicate technical subjects to non-technical audiences. -Ability to develop advanced concepts, techniques, and standards requiring a high level of interpersonal and technical skills. -Ability to work independently. -Good organizational skills and the ability to manage multiple tasks and deadlines simultaneously. -Strong interpersonal and team building skills, as well as an understanding of client relationship building are essential. -Excellent verbal and writing skills and be comfortable working with customers. -Ability to multi-task with supervision. -Self-motivated fast learner. Preferred Skills: -Prefer a candidate with experience in the Health & Human Services industry, which may include working with programs such as Child Support, Child Welfare, or Integrated Eligibility (SNAP, TANF, and Medicaid). -Preference for security related certifications, such as the CISSP (Certified Information Systems Security Professional). EEO Statement Maximus is an equal opportunity employer. We evaluate qualified applicants without regard to race, color, religion, sex, age, national origin, disability, veteran status, genetic information and other legally protected characteristics. Pay Transparency Maximus compensation is based on various factors including but not limited to job location, a candidate's education, training, experience, expected quality and quantity of work, required travel (if any), external market and internal value analysis including seniority and merit systems, as well as internal pay alignment. Annual salary is just one component of Maximus's total compensation package. Other rewards may include short- and long-term incentives as well as program-specific awards. Additionally, Maximus provides a variety of benefits to employees, including health insurance coverage, life and disability insurance, a retirement savings plan, paid holidays and paid time off. Compensation ranges may differ based on contract value but will be commensurate with job duties and relevant work experience. An applicant's salary history will not be used in determining compensation. Maximus will comply with regulatory minimum wage rates and exempt salary thresholds in all instances. Accommodations Maximus provides reasonable accommodations to individuals requiring assistance during any phase of the employment process due to a disability, medical condition, or physical or mental impairment. If you require assistance at any stage of the employment process-including accessing job postings, completing assessments, or participating in interviews,-please contact People Operations at **************************. Minimum Salary $ 120,000.00 Maximum Salary $ 140,000.00